Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2019-10312

    A missing permission check in Jenkins Ansible Tower Plugin 0.9.1 and earlier in the TowerInstallation.TowerInstallationDescriptor#doFillTowerCredentialsIdItems method allowed attackers with Overall/Read permission to enumerate credentials ID of credential... Read more

    Affected Products : ansible_tower
    • Published: Apr. 30, 2019
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2007-5703

    Multiple cross-site scripting (XSS) vulnerabilities in (1) Request-spk.xuda and (2) Add-msie-request.xuda in RSA KEON Registration Authority Web Interface 1.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    • Published: Oct. 29, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2005-4484

    Multiple cross-site scripting (XSS) vulnerabilities in IntranetApp 3.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ret_page parameter to login.asp or the (2) do_search and (3) search parameters to content.asp.... Read more

    Affected Products : intranetapp
    • Published: Dec. 22, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-4496

    Cross-site scripting (XSS) vulnerability in search in SyntaxCMS 1.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the search_query parameter.... Read more

    Affected Products : syntaxcms
    • Published: Dec. 22, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2007-5647

    Multiple cross-site scripting (XSS) vulnerabilities in SocketKB 1.1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) art_id or (2) node parameter in an article action to the default URI.... Read more

    Affected Products : socketkb
    • Published: Oct. 23, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2005-4401

    Cross-site scripting (XSS) vulnerability in Lutece 1.2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the query parameter.... Read more

    Affected Products : lutece
    • Published: Dec. 20, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2010-2987

    Multiple cross-site scripting (XSS) vulnerabilities in Cisco Wireless Control System (WCS) 7.x before 7.0.164, as used in Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0, allow remote attackers to inject arbitrary web script or HTML via ... Read more

    • Published: Aug. 10, 2010
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2005-4395

    Cross-site scripting (XSS) vulnerability in FarCry 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the criteria parameter.... Read more

    Affected Products : farcry
    • Published: Dec. 20, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2009-4983

    Multiple cross-site scripting (XSS) vulnerabilities in Silurus Classifieds 1.0 allow remote attackers to inject arbitrary web script or HTML via the ID parameter to (1) category.php and (2) wcategory.php, and the (3) keywords parameter to search.php.... Read more

    Affected Products : silurus_system
    • Published: Aug. 25, 2010
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2005-4375

    Cross-site scripting (XSS) vulnerability in Amaxus 3 and earlier allows remote attackers to inject arbitrary web script or HTML via the change parameter. NOTE: it is possible that this is resultant from CVE-2005-4376.... Read more

    Affected Products : amaxus
    • Published: Dec. 20, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-4388

    Cross-site scripting (XSS) vulnerability in search.cfm in CONTENS 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the near parameter.... Read more

    Affected Products : contens
    • Published: Dec. 20, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2011-5029

    Multiple cross-site scripting (XSS) vulnerabilities in Simple PHP Blog 0.7.0 and possibly earlier allow remote attackers to inject arbitrary web script or HTML via the (1) entry parameter to delete.php or (2) category parameter to index.php.... Read more

    Affected Products : simple_php_blog
    • Published: Dec. 29, 2011
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2011-5019

    Cross-site scripting (XSS) vulnerability in setup/index.php in Textpattern CMS 4.4.1, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via the ddb parameter.... Read more

    Affected Products : textpattern
    • Published: Jan. 05, 2012
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2007-5673

    Cross-site scripting (XSS) vulnerability in cgi-bin/webif.exe in ifnet WebIf allows remote attackers to inject arbitrary web script or HTML via the cmd parameter.... Read more

    Affected Products : webif
    • Published: Oct. 24, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2007-5629

    Cross-site scripting (XSS) vulnerability in admin/logon.asp in ShoppingTree CandyPress Store 4.1 allows remote attackers to inject arbitrary web script or HTML via the msg parameter, a different vector than CVE-2007-2804. NOTE: the provenance of this inf... Read more

    Affected Products : candypress_store
    • Published: Oct. 23, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2007-5479

    Cross-site scripting (XSS) vulnerability in Search.asp in Xcomputer allows remote attackers to inject arbitrary web script or HTML via the EXPS parameter.... Read more

    Affected Products : xcomputer
    • Published: Oct. 16, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2007-5459

    Cross-site scripting (XSS) vulnerability in the sidebar HTML page in the MouseoverDictionary before 0.6.2 extension for Mozilla Firefox allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : firefox mouseoverdictionary
    • Published: Oct. 14, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2007-5433

    Multiple cross-site scripting (XSS) vulnerabilities in index.cgi in Site-Up 2.64 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) search or (2) search mask field.... Read more

    Affected Products : siteup
    • Published: Oct. 12, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2005-4322

    Multiple cross-site scripting (XSS) vulnerabilities in Hitachi Cosminexus Collaboration Portal 06-00 through 06-10-/B, Groupmax Collaboration Portal 07-00 through 07-10-/B, and Groupmax Collaboration Web Client 07-00 through 07-10-/A allow remote attacker... Read more

    • Published: Dec. 17, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-4255

    Cross-site scripting (XSS) vulnerability in TextSearch in WikkaWiki 1.1.6.0 allows remote attackers to inject arbitrary web script or HTML via a hex-encoded phrase parameter.... Read more

    Affected Products : wikkawiki
    • Published: Dec. 15, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 293641 Results